Articles & Writeups 45
- How I keep updated in the infosec industry
- Effective Notes for OSCP, CTFs and Pentests with Obsidian (2025)
- Pentesting Salesforce Communities
- Let's talk about communities with Meethack Torino
- How NOT to react to a responsible disclosure (CVE-2023-47444)
- Getting Started with GeoGuessr and OSINT (UMDCTF 2023)
- Defeating custom password reset tokens
- How to set up an Android Penetration Testing Lab from scratch
- WAF bypass and vulnerability chain exploiting parser differentials
- Finding SSTI in an EJS app using existing exploits and undocumented features
- HackTheBox - Blunder
- HackTheBox - Noter
- HackTheBox - AdmirerToo
- HackTheBox - Armageddon
- HackTheBox - Spectra
- HackTheBox - Postman
- Exploit Arbitrary Deserialization through Blind SQL Injection
- 0xbro, from developer to pentester (Beyond technology, Ep. 01)
- Intercept HTTPS on non-rooted Android devices
- HackTheBox - Timelapse
- HackTheBox - Late
- Taking effective notes for CTF, OSCP and other labs
- HackTheBox - RouterSpace
- HackTheBox - Paper
- Exploit Zip Slip vulnerability in python tarfile
- Bypass certificate pinning with Frida and Xposed
- Reverse and patch an easy APK
- The 5 BEST platforms to practice Ethical Hacking in 2022
- Bypassing addslashes() using format string to get SQL Injection
- Pickle Insecure Deserialization
- HackTheBox - Knife
- HackTheBox - Love
- HackTheBox - TheNotebook
- HackTheBox - Ophiuchi
- HackTheBox - Tenet
- HackTheBox - ScriptKiddie
- My OSCP Journey
- HackTheBox - Delivery
- HackTheBox - Ready
- HackTheBox - Tabby
- HackTheBox - Traceback
- HackTheBox - OpenAdmin
- HackTheBox - Obscurity
- HackTheBox - Traverxec
- HackTheBox - Writeup